gatekeeper supporting bandwidth guarantees for
play

Gatekeeper: Supporting Bandwidth Guarantees for Multi-tenant - PowerPoint PPT Presentation

Dec 10, 2022 •472 likes •846 views

Gatekeeper: Supporting Bandwidth Guarantees for Multi-tenant Datacenter Networks Henrique Rodrigues , Yoshio Turner , Jose Renato Santos , Paolo Victor , Dorgival Guedes HP Labs WIOV 2011, Portland, OR The Problem: Network Performance

  1. Gatekeeper: Supporting Bandwidth Guarantees for Multi-tenant Datacenter Networks Henrique Rodrigues , Yoshio Turner , Jose Renato Santos , Paolo Victor , Dorgival Guedes HP Labs WIOV 2011, Portland, OR

  2. The Problem: Network Performance Isolation

  3. Suppose that you have a datacenter … …

  4. Suppose that you have a datacenter …

  5. And you are an IaaS provider … 70% BW

  6. And you are an IaaS provider … 70% BW 30% BW

  7. ... and your network faces this traffic pattern: 70% BW 30% BW TCP TCP

  8. ... and your network faces this traffic pattern: 70% BW 30% BW TCP TCP

  9. ... and your network faces this traffic pattern: 70% BW 30% BW TCP TCP TCP is flow-based, not tenant-aware...

  10. It becomes worse with these transport protocols: 70% BW 30% BW TCP UDP

  11. It becomes worse with these transport protocols: 70% BW 30% BW TCP UDP UDP will consume most of the bandwidth

  12. It becomes worse with these transport protocols: 70% BW 30% BW TCP UDP Using rate limiters at each server doesn’t solve the problem …

  13. It becomes worse with these transport protocols: If you limit the rate of 70% BW each at 30% 30% BW TCP UDP Using rate limiters at each server doesn’t solve the problem …

  14. It becomes worse with these transport protocols: The aggregate 70% BW RX is 90% 30% BW TCP UDP Using rate limiters at each server doesn’t solve the problem …

  15. The Problem: Network Performance Isolation • How can we enforce that all tenants will have at least the minimum amount of network resources they need to keep their services up? o In other words, how to provide network performance isolation to multi-tenant datacenters ?

  16. Practical requirements for a traffic isolation mechanism/system

  17. Requirements for a practical solution • Scalability Datacenter supports thousands of physical servers hosting 10s of thousands of tenants and 10s to 100s of thousands of VMs • Intuitive Service Model Straightforward for tenants to understand and specify their network performance needs • Robust against untrusted tenants IaaS model allows users to run arbitrary code as tenants, giving users total control over the network stack. Malicious users could jeopardize the performance of other tenants • Flexibility / Predictability What should we do with the idle bandwidth? Work conserving vs non-work conserving?

  18. Existing solutions don ’ t meet all these requirements Flexibility / Solution Scalable Intuitive Model Robustness Predictability ✗ ✗ ✗ ✔ TCP BW Capping ✗ ✗ ✔ ✔ (policing) ✗ ✔ ✔ ✔ Secondnet ✗ ✗ ✔ ✔ Seawall ✗ ✗ ✔ ✔ AF-QCN

  19. Our approach

  20. Assumption Bisection bandwidth should not be a problem: • Emerging multi-path technologies will enable high bandwidth networks with full-bisection bandwidth • Smart tenant placement: tenant VMs placed close to each other in the network topology • Results on DC traffic analysis show that most of the congestion happens within racks, not at the core

  21. Our approach • Assume core is over-provisioned and manage bandwidth at edge o Addresses scalability challenge: Limited number of tenants in each edge link

  22. Tenant Performance Model Abstraction VM VM VM BW1 BW2 BW3 BW4 BW10 VM VM BW5 BW9 VM VM BW8 BW7 BW6 VM VM VM • Simple abstraction to tenant o Model similar to physical servers connected to a switch • Guaranteed bandwidth for each VM (TX and RX) o Minimum and Maximum rate per vNIC

  23. Gatekeeper • Provides network isolation for multi-tenant datacenters using a distributed mechanism • Agents implemented at the virtualization layer coordinate bandwidth allocation dynamically, based on tenants ’ guarantees

  24. Gatekeeper • Agents in the VMM control the transmission (TX) and coordinate the reception (RX)

  25. Gatekeeper - Overview 70% BW 30% BW TCP UDP

  26. Gatekeeper - Overview 70% BW 30% BW Congestion! TCP UDP

  27. Gatekeeper - Overview 70% BW 30% BW TCP OK! Reducing TX UDP OK! Reducing TX OK! Reducing TX

  28. Gatekeeper Architecture

  29. Gatekeeper Prototype o Xen/Linux o Gatekeeper integrated into Linux Open vSwitch o Leverage Linux traffic control mechanism (HTB) for rate control

  30. Example - RX 2 Tenants share a gigabit link: • Tenant A o 70% of the link, o 1 TCP Flow • Tenant B o 30% of the link, o 3 Flows ( TCP or UDP )

  31. Example - TX 2 Tenants share a gigabit link: • Tenant A o 70% of the link, o 1 TCP Flow • Tenant B o 30% of the link, o 3 Flows ( TCP or UDP )

  32. Example – Results without Gatekeeper Transmit (TX) Scenario no control TX rate cap 1000 ¡ 900 ¡ 800 ¡ 700 ¡ 600 ¡ 500 ¡ 400 ¡ 300 ¡ 200 ¡ 100 ¡ 0 ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ Type of traffic for tenant B Tenant A (TCP) Tenant B

  33. Example – Results without Gatekeeper Transmit (TX) Scenario Receive (RX) Scenario no control TX rate cap no control RX rate cap 1000 ¡ 1000 ¡ 900 ¡ 900 ¡ 800 ¡ 800 ¡ 700 ¡ 700 ¡ 600 ¡ 600 ¡ 500 ¡ 500 ¡ 400 ¡ 400 ¡ 300 ¡ 300 ¡ 200 ¡ 200 ¡ 100 ¡ 100 ¡ 0 ¡ 0 ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ Type of traffic for tenant B Type of traffic for tenant B Tenant A (TCP) Tenant B

  34. Example – Results without Gatekeeper • Bandwidth Capping doesn ’ t reallocate unused bandwidth (non work-conserving) • UDP consumes most of the switch resources Transmit (TX) Scenario Receive (RX) Scenario no control TX rate cap no control RX rate cap 1000 ¡ 1000 ¡ 900 ¡ 900 ¡ 800 ¡ 800 ¡ 700 ¡ 700 ¡ 600 ¡ 600 ¡ 500 ¡ 500 ¡ 400 ¡ 400 ¡ 300 ¡ 300 ¡ 200 ¡ 200 ¡ 100 ¡ 100 ¡ 0 ¡ 0 ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ Type of traffic for tenant B Type of traffic for tenant B Tenant A (TCP) Tenant B

  35. Example – Results with Gatekeeper Receive (RX) Scenario Transmit (TX) Scenario Gatekeeper Gatekeeper Gatekeeper Gatekeeper no control TX rate cap predictable flexible predictable flexible no control RX rate cap 1000 ¡ 1000 ¡ 900 ¡ 900 ¡ 800 ¡ 800 ¡ 700 ¡ 700 ¡ 600 ¡ 600 ¡ 500 ¡ 500 ¡ 400 ¡ 400 ¡ 300 ¡ 300 ¡ 200 ¡ 200 ¡ 100 ¡ 100 ¡ 0 ¡ 0 ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ none ¡ TCP ¡UDP ¡ Type of traffic for tenant B Type of traffic for tenant B Tenant A (TCP) Tenant B

  36. Summary • Gatekeeper provides network bandwidth guarantee at the server virtualization layer § Extends hypervisor to control RX bandwidth • Prototype implemented and used to demonstrate Gatekeeper in simple scenario • Future work § Evaluate Gatekeeper at larger scales § HP Labs Open Cirrus testbed (100+ nodes) § Further explore the design space § Functions to decrease/increase rate, etc § Evaluate Gatekeeper with more realistic benchmarks and applications

  37. Gatekeeper: Supporting Bandwidth Guarantees for Multi-tenant Datacenter Networks Contacts: {hsr,dorgival}@dcc.ufmg.br {yoshio_turner,joserenato.santos}@hp.com Acknowledgements: Brasil WIOV 2011, Portland, OR

Recommend

OPA Gatekeeper Sertac Ozercan, Gatekeeper maintainer (@sozercan) Policy and Governance for

OPA Gatekeeper Sertac Ozercan, Gatekeeper maintainer (@sozercan) Policy and Governance for

OPA Gatekeeper Sertac Ozercan, Gatekeeper maintainer (@sozercan) Policy and Governance for Kubernetes Lachie Evenson, CNCF Ambassador (@LachlanEvenson) https://github.com/open-policy-agent/gatekeeper Photo by Pedro Velasco on Unsplash

516 views • 27 slides
Gatekeeper Program UNITED WAY GREATER LEHIGH VALLEY The Gatekeeper Program is A collective

Gatekeeper Program UNITED WAY GREATER LEHIGH VALLEY The Gatekeeper Program is A collective

Gatekeeper Program UNITED WAY GREATER LEHIGH VALLEY The Gatekeeper Program is A collective community approach to connecting seniors in need to appropriate services. Gatekeepers are trained to: Identify the warning signs that a senior

461 views • 29 slides
Bandwidth Ex Parte Addendum M a y 1 0 , 2 0 1 8 Addendum to Bandwidth FCC Meeting on May 2,

Bandwidth Ex Parte Addendum M a y 1 0 , 2 0 1 8 Addendum to Bandwidth FCC Meeting on May 2,

Bandwidth Ex Parte Addendum M a y 1 0 , 2 0 1 8 Addendum to Bandwidth FCC Meeting on May 2, 2018 In response to staff requests, Bandwidth is providing additional call-flow examples of VOIP 9-1-1 calls into the ECS Proceeding Record.

399 views • 7 slides
Frra veckan: Skerhet Brandvggar I nt ro t ill skerhet Gatekeeper Information

Frra veckan: Skerhet Brandvggar I nt ro t ill skerhet Gatekeeper Information

Frra veckan: Skerhet Brandvggar I nt ro t ill skerhet Gatekeeper Information Sker kommunikat ion function system Krypt ograf i Computing resources Opponent (processor, memory, I/O) Aut ent icer ing Data Access

413 views • 4 slides
Virtualising our CPE Mantychore is part-funded by the EC under Grant Agreement N 261527

Virtualising our CPE Mantychore is part-funded by the EC under Grant Agreement N 261527

Virtualising our CPE Mantychore is part-funded by the EC under Grant Agreement N 261527 Whats the problem? Firewall Switch Transmission Routers Bandwidth Bandwidth Bandwidth Connectivity Bandwidth Connectivity Bandwidth

891 views • 86 slides
GUARDIANS AT THE GATE: THE GATEKEEPER INITIATIVE AND THE RISK-BASED APPROACH FOR TRANSACTIONAL

GUARDIANS AT THE GATE: THE GATEKEEPER INITIATIVE AND THE RISK-BASED APPROACH FOR TRANSACTIONAL

GUARDIANS AT THE GATE: THE GATEKEEPER INITIATIVE AND THE RISK-BASED APPROACH FOR TRANSACTIONAL LAWYERS Kevin L. Shepherd Editors Synopsis: In this Article, the author outlines the history and development of the Financial Action Task Force

761 views • 65 slides
Gatekeeper Mostly Static Enforcement of Security & Reliability Policies for JavaScript Code

Gatekeeper Mostly Static Enforcement of Security & Reliability Policies for JavaScript Code

Gatekeeper Mostly Static Enforcement of Security & Reliability Policies for JavaScript Code Salvatore Guarnieri, University of Washington Ben Livshits, Microsoft Research 1 alert (hi); program malicious Catch me if you can dont

828 views • 26 slides
A 83-dB SFDR 10-MHz Bandwidth A 83-dB SFDR 10-MHz Bandwidth Continuous-Time Delta-Sigma

A 83-dB SFDR 10-MHz Bandwidth A 83-dB SFDR 10-MHz Bandwidth Continuous-Time Delta-Sigma

A 83-dB SFDR 10-MHz Bandwidth A 83-dB SFDR 10-MHz Bandwidth Continuous-Time Delta-Sigma Modulator Employing a One-Element- M d l t E l i O El t Shifting Dynamic Element Matching Hong Phuc Ninh, Masaya Miyahara, and Akira Matsuzawa

468 views • 28 slides
Network Bandwidth Utilization Forecast Model on High Bandwidth Networks Scientific Data

Network Bandwidth Utilization Forecast Model on High Bandwidth Networks Scientific Data

Network Bandwidth Utilization Forecast Model on High Bandwidth Networks Scientific Data Management Group Computational Research Division Lawrence Berkeley National Laboratory Wucherl (William) Yoo, Alex Sim Feb. 17, 2015 W. Yoo, CRD , LBNL 1

461 views • 20 slides
"Don't Be the Quality Gatekeeper: Just Hold Up the Mirror" Presented by: Mfundo Nkosi

"Don't Be the Quality Gatekeeper: Just Hold Up the Mirror" Presented by: Mfundo Nkosi

T7 Track 9/30/2010 11:15 AM "Don't Be the Quality Gatekeeper: Just Hold Up the Mirror" Presented by: Mfundo Nkosi Micro to Mainframe Brought to you by: 330 Corporate Way, Suite 300, Orange Park, FL 32073 888 268 8770 904

436 views • 14 slides
Bandwidth Management Chris Wilson Aptivate Ltd, UK AfNOG 2010 Ingredients What is bandwidth

Bandwidth Management Chris Wilson Aptivate Ltd, UK AfNOG 2010 Ingredients What is bandwidth

Bandwidth Management Chris Wilson Aptivate Ltd, UK AfNOG 2010 Ingredients What is bandwidth management When to manage bandwidth Troubleshooting an Internet connection Monitoring an Internet connection Setting policy

1.18k views • 85 slides
A Full Bandwidth Audio Codec with Low A Full Bandwidth Audio Codec with Low Complexity and Very

A Full Bandwidth Audio Codec with Low A Full Bandwidth Audio Codec with Low Complexity and Very

A Full Bandwidth Audio Codec with Low A Full Bandwidth Audio Codec with Low Complexity and Very Low Delay Complexity and Very Low Delay Jean-Marc Valin, Octasic Inc. Timothy B. Terriberry, Xiph.Org Foundation Gregory Maxwell, Juniper Networks

451 views • 16 slides
Improving QOS in IP Networks Principles for QOS Guarantees Improving QOS in IP Networks

Improving QOS in IP Networks Principles for QOS Guarantees Improving QOS in IP Networks

Improving QOS in IP Networks Principles for QOS Guarantees Improving QOS in IP Networks Principles for QOS Guarantees Thus far: making the best of best effort Example: 1MbpsI P phone, FTP share 1.5 Mbps link. Future: next generation

426 views • 6 slides
RISK ASSESSEMENT supporting TEST supporting supporting supporting supporting REAGENTS RISK

RISK ASSESSEMENT supporting TEST supporting supporting supporting supporting REAGENTS RISK

TEST IDENTIFICATION:________________________________ LOCATION (SITE/DEPARTMENT):________________________________ RISK ASSESSEMENT supporting TEST supporting supporting supporting supporting REAGENTS RISK RISK OPERATORS RISK SPECIMEN

389 views • 3 slides
Genome Biology Ontology + Gatekeeper Jasper Koehorst Laboratory of Systems and Synthetic Biology

Genome Biology Ontology + Gatekeeper Jasper Koehorst Laboratory of Systems and Synthetic Biology

Genome Biology Ontology + Gatekeeper Jasper Koehorst Laboratory of Systems and Synthetic Biology Current formats Not designed To store computational annotation meta-data For semantic data mining To query / ask questions

431 views • 5 slides
Supporting Innovation Taftie Academy Strasbourg, 22nd September 2016 1 InnovFin Product

Supporting Innovation Taftie Academy Strasbourg, 22nd September 2016 1 InnovFin Product

Supporting Innovation Taftie Academy Strasbourg, 22nd September 2016 1 InnovFin Product Overview 2 InnovFin SME Guarantee This guarantee instrument covers the risk related to losses of a portfolio 3 Key Guarantee Terms Direct Guarantees

539 views • 22 slides
Implicit Guarantees and Risk Taking: Implicit Guarantees and Risk Taking: Implicit Guarantees and

Implicit Guarantees and Risk Taking: Implicit Guarantees and Risk Taking: Implicit Guarantees and

Implicit Guarantees and Risk Taking: Implicit Guarantees and Risk Taking: Implicit Guarantees and Risk Taking: Implicit Guarantees and Risk Taking: Evidence from Money Market Funds Evidence from Money Market Funds Money and Payments Workshop

742 views • 45 slides
Bandwidth Management Chris Wilson Aptivate Ltd, UK AfNOG 2012 Download this presentation at:

Bandwidth Management Chris Wilson Aptivate Ltd, UK AfNOG 2012 Download this presentation at:

Bandwidth Management Chris Wilson Aptivate Ltd, UK AfNOG 2012 Download this presentation at: http://www.ws.afnog.org/afnog2012/tutorials/bmo Ingredients What is bandwidth management When to manage bandwidth Troubleshooting an

1.23k views • 83 slides
Incremental Consistency Guarantees For Replicated Objects Rachid Guerraoui, Matej Pavlovic,

Incremental Consistency Guarantees For Replicated Objects Rachid Guerraoui, Matej Pavlovic,

Incremental Consistency Guarantees For Replicated Objects Rachid Guerraoui, Matej Pavlovic, Dragos-Adrian Seredinschi SOCIAL MEDIA APPLICATION replicate Incremental Consistency Guarantees Incremental Consistency Guarantees 2 Dragos-Adrian

749 views • 50 slides
Using SCHED_DEADLINE Controlling CPU Bandwidth Steven Rostedt rostedt@goodmis.org

Using SCHED_DEADLINE Controlling CPU Bandwidth Steven Rostedt rostedt@goodmis.org

Using SCHED_DEADLINE Controlling CPU Bandwidth Steven Rostedt rostedt@goodmis.org srostedt@redhat.com What is SCHED_DEADLINE? A new scheduling class others are: SCHED_OTHER, SCHED_FIFO, SCHED_RR Constant Bandwidth Scheduler Earliest

959 views • 52 slides
IRMA Initiative for Risk Mitigation in Africa PARTIAL RISK GUARANTEES AND INSURANCE PRODUCTS

IRMA Initiative for Risk Mitigation in Africa PARTIAL RISK GUARANTEES AND INSURANCE PRODUCTS

IRMA Initiative for Risk Mitigation in Africa PARTIAL RISK GUARANTEES AND INSURANCE PRODUCTS PANEL 24 April 2102 PARTIAL RISK GUARANTEES AND INSURANCE PRODUCTS PANEL Product initiatives Stewart Kinloch Partial Risk Guarantees

483 views • 9 slides
Bandwidth for all Bandwidth for all The Peruvian The Peruvian case case Roxana Barrantes

Bandwidth for all Bandwidth for all The Peruvian The Peruvian case case Roxana Barrantes

Dilogo Regional sobre Sociedad de la Informacin Bandwidth for all Bandwidth for all The Peruvian The Peruvian case case Roxana Barrantes Roxana Barrantes Instituto de Estudios Peruanos Instituto de Estudios Peruanos ACORN/REDECOM

1.07k views • 9 slides
Performance Enhancement of Extended AFDX via Bandwidth Reservation for TSN/BLS Shapers Ana s

Performance Enhancement of Extended AFDX via Bandwidth Reservation for TSN/BLS Shapers Ana s

Performance Enhancement of Extended AFDX via Bandwidth Reservation for TSN/BLS Shapers Ana s Finzi, Ahlem Mifdaoui et al. July 3, 2018, RTN18 1/27 Context and Objectives System Model Bandwidth Reservation Methods Performance

885 views • 70 slides
Use Cases for High Bandwidth Query and Control of Core

Use Cases for High Bandwidth Query and Control of Core

Use Cases for High Bandwidth Query and Control of Core Networks draft-bernstein-alto-large-bandwidth-cases-00.txt Greg Bernstein, Gro;o Networking Young Lee, Huawei

479 views • 8 slides

More recommend